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WHAT IS CLAIMED: 




/ AnWpparatus for detecting whether router status information 
sent from a first routqr is unreliable, comprising: 

a memory for storing a router status database; and 

a processor A^mich (i) receives a first signal corresponding to a first 
router status message sent W the first router, the first router status message 
containing router status information indicative of the status of communication 
between the first router and a second router, (ii) compares the received first 
signal with a second signal storea in said router status database, the second 
signal corresponding to a second router status message sent by the second 
router, the second router status message sent by the second router, the second 
router status message containing router status information indicative of the 
status of communication between the second router in the first router, and (iii) 
issues an alarm signal if the signal comparison reveals that the first and 
second router status messages contain no?j- complementary router status 
information. 

2. An apparatus according to Cl^^ 1, wherein said apparatus is 
incorporated into the second router. 

3. An apparatus according to Claim A, wherein said processor 

waits a predetermined period of time after receiving tr^e first signal before 
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performing theysignal comparison. 

4. Ml apparatus according to Claim 1, wherein the processor 
performs the signalVomparison by deterrnining if both the first and second 
signals indicate that the link between the first and second routers is 
operational. \ 

5. An apparams according to Claim 1, wherein said processor, 
after the signal comparison, (ijWaits a predetermined period of time, (ii) 
receives renewed first and second signals, and (iii) reperforms the signal 
comparison on the basis of the renewed first and second signals. 

6. An apparatus according to Claim 1 , wherein the processor 
issues the alarm signal in a third router Watus message transmitted to at least 
the second router. \ 

/ \ 

An apparatus for detecting falke routing updates issued from a 
compromised router, comprising: \ 

a memory which stores a router database that contains an entry 
corresponding to a router update received from another router and 
5 characterizing the link status between the another routeV and the compromised 
router; and \ 
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a processor which (i) receives a signal corresponding to a router 
update received from the compromised router and characterizing the link 
status between me compromised router and the another router, (ii) compares 
the received signamvith the entry stored in the router database, and (ill) issues 
an alarm signal if thet received signal and the database entiy contain non- 
complementary link status information regarding the link between the 
compromised router anoythe another router. 

8. An apparatus according to Claim 7, wherein said processor 
issues a router update if said processor determines that the received signal and 
the database entry contain complementary link status information regarding 
the link between the compromised router and the another router. 

9. An apparatus according to Claim 7, further comprising a 
receiver for receiving the router update from the compromised router, and a 
transmitter for transmitting the alarm signal. 

10. An apparatus accordingVo Claim 7, wherein said apparatus 
comprises the another router. \ 

A method for detecting whetP^r router status information sent 
from a first router is unreliable, comprising the\steps of: 
storing a router status database; \ 

22 \ 



EXPRESS MAIL NO. EK220865094US PATENT 

Docket No. 99-442 

receiving a first signal corresponding to a first router status 

5 message sent bV the first router, the first router status message containing 

router status information indicative of the status of communication between 

the first router and ^second router; 

comparing ttie received first signal with a second signal stored in 

said router status database, the second signal corresponding to a second 

0 router status message sent W the second router, the second router status 

message containing router stams information indicative of the status of 

communication between the second router in the first router; and 

issuing an alarm signal if the signal comparison reveals that the 

first and second router status messages contain non-complementary router 

5 status information. 

12. A method according to Cla^m 11, wherein said method is 
performed in the second router. 

13. A method according to Claim li, further comprising the step 
of waiting a predetermined period of time after receiving the first signal before 
perforrnlng the signal comparison. 

14. A method according to Claim 11, wherein the signal 
comparison is performed by determining if both the first and second signals 
indicate that the link between the first and second routers is operational. 
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15. A metJiod according to Claim 11, further comprising the steps 
of, after the signal comparison: 

waiting a predetermined period of time; 
receiving renewed first and second signals; and 
reperfornkng the signal comparison on the basis of the renewed 
first and second signals. 

16. A method according to Claim 11, wherein the step of issuing 
the alarm signal comprises tne step of issuing the alarm signal in a third router 
status message transmitted to at least the second router. 

J/^. A method for deteWing false routing updates issued from a 
compromised router, comprising the steps of: 

storing a router database that contains an entry corresponding to 
a router update received from another router and characterizing the link status 
between the another router and the comproinised router; 

receiving a signal corresponding to a router update received from 
the compromised router and characterizing the lyik status between the 
compromised router and the another router; 

comparing the received signal with the ehpy stored in the router 
database; and 
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ii^uing an alarm signal if the received signal and the database 



entry contain non-complementary link status information regarding the link 



between the comnromised router and the another router. 



18. A rnethod according to Claim 17, further comprising the step 



of issuing a router update if said processor determines that the received signal 
and the database entry contain non-complementary link status information 
regarding the link betweenythe compromised router and the another router. 

19. A method according to Claim 17, further comprising the step 
of broadcasting the alarm signal. 

20. A method accorolng to Claim 17, wherein said steps are 
performed in the another router. \ 



causes one or more router processors to>perform a method for detecting 
whether router status information sent from a first router is unreliable, the 
computer-readable code causing the one or more router processors to perform 
the functions of: \ 

storing a router status database; \ 

receiving a first signal corresponding tov a first router status 
message sent by the first router, the first router statu^ message containing 

25 \ 




A storage medium containing computer-readable code which 




EXPRESS MAIL NO. EK220865094US PATENT 

Docket No. 99-442 

router status information indicative of the status of communication between 

10 the first romter and a second router; 

cVmparing the received first signal with a second signal stored in 
said router status database, the second signal corresponding to a second 
router status message sent by the second router, the second router status 
message containing router status information indicative of the status of 

15 communication betweemthe second router in the first router; and 

issuing an alaWi signal if the signal comparison reveals that the 
first and second router statiiis messages contain non-complementary router 
status information. \ 

A storage mediuniscontaining computer-readable code which 
causes one or more router processor^o perform a method detecting false 
routing updates issued from a comproraised router, the computer-readable 
code causing the one or more router processors to perform the functions of: 
5 storing a router database that contains an entry corresponding to 

a router update received from another router ana\characterizing the link status 
between the another router and the compromised router; 

receiving a signal corresponding to a routersupdate received from 
the compromised router and characterizing the link status^between the 

10 rTTrr>prnmif-pH rmitpr i^T ld the another rOUt^r; i \ 
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comparing the received signal with the entry stored in the router 
database; and 

issuing an alarm signal if the received signal and the database 
entry contain non-c\)mplementary link status information regarding the link 
5 between the compromised router and the another router. 



3, An apparatus for detecting whether router status information 




sent from a first router is unreliable, comprising: 

means for storingNa router status database; and 
means for (i) receivir^ a first signal corresponding to a first router 
status message sent by the first router, the first router status message 
containing router status information\ndicative of the status of communication 
between the first router and a second rcruter, (ii) comparing the received first 
signal with a second signal stored in saidVouter status database, the second 
signal corresponding to a second router stauis message sent by the second 
router, the second router status message containing router status information 
indicative of the status of communication between the second router in the first 
router, and (iii) issuing an alarm signal if the signal comparison reveals that 
the first and second router status messages contain n^-complementary router 
stat us iiifoi iiia tion: 
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